{"affected":[{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.44-52.10.1","kernel-default-devel":"3.12.44-52.10.1","kernel-default-extra":"3.12.44-52.10.1","kernel-devel":"3.12.44-52.10.1","kernel-macros":"3.12.44-52.10.1","kernel-source":"3.12.44-52.10.1","kernel-syms":"3.12.44-52.10.1","kernel-xen":"3.12.44-52.10.1","kernel-xen-devel":"3.12.44-52.10.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12","name":"kernel-default","purl":"pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Desktop%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.44-52.10.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.44-52.10.1","kernel-default-devel":"3.12.44-52.10.1","kernel-default-extra":"3.12.44-52.10.1","kernel-devel":"3.12.44-52.10.1","kernel-macros":"3.12.44-52.10.1","kernel-source":"3.12.44-52.10.1","kernel-syms":"3.12.44-52.10.1","kernel-xen":"3.12.44-52.10.1","kernel-xen-devel":"3.12.44-52.10.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12","name":"kernel-source","purl":"pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Desktop%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.44-52.10.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.44-52.10.1","kernel-default-devel":"3.12.44-52.10.1","kernel-default-extra":"3.12.44-52.10.1","kernel-devel":"3.12.44-52.10.1","kernel-macros":"3.12.44-52.10.1","kernel-source":"3.12.44-52.10.1","kernel-syms":"3.12.44-52.10.1","kernel-xen":"3.12.44-52.10.1","kernel-xen-devel":"3.12.44-52.10.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12","name":"kernel-syms","purl":"pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Desktop%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.44-52.10.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.44-52.10.1","kernel-default-devel":"3.12.44-52.10.1","kernel-default-extra":"3.12.44-52.10.1","kernel-devel":"3.12.44-52.10.1","kernel-macros":"3.12.44-52.10.1","kernel-source":"3.12.44-52.10.1","kernel-syms":"3.12.44-52.10.1","kernel-xen":"3.12.44-52.10.1","kernel-xen-devel":"3.12.44-52.10.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12","name":"kernel-xen","purl":"pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Desktop%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.44-52.10.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kgraft-patch-3_12_44-52_10-default":"1-2.1","kgraft-patch-3_12_44-52_10-xen":"1-2.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Live Patching 12","name":"kgraft-patch-SLE12_Update_6","purl":"pkg:rpm/suse/kgraft-patch-SLE12_Update_6&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1-2.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-ec2":"3.12.44-52.10.1","kernel-ec2-devel":"3.12.44-52.10.1","kernel-ec2-extra":"3.12.44-52.10.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Public Cloud 12","name":"kernel-ec2","purl":"pkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.44-52.10.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-docs":"3.12.44-52.10.3","kernel-obs-build":"3.12.44-52.10.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12","name":"kernel-docs","purl":"pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.44-52.10.3"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-docs":"3.12.44-52.10.3","kernel-obs-build":"3.12.44-52.10.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12","name":"kernel-obs-build","purl":"pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.44-52.10.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.44-52.10.1","kernel-default-base":"3.12.44-52.10.1","kernel-default-devel":"3.12.44-52.10.1","kernel-default-man":"3.12.44-52.10.1","kernel-devel":"3.12.44-52.10.1","kernel-macros":"3.12.44-52.10.1","kernel-source":"3.12.44-52.10.1","kernel-syms":"3.12.44-52.10.1","kernel-xen":"3.12.44-52.10.1","kernel-xen-base":"3.12.44-52.10.1","kernel-xen-devel":"3.12.44-52.10.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12","name":"kernel-default","purl":"pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.44-52.10.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.44-52.10.1","kernel-default-base":"3.12.44-52.10.1","kernel-default-devel":"3.12.44-52.10.1","kernel-default-man":"3.12.44-52.10.1","kernel-devel":"3.12.44-52.10.1","kernel-macros":"3.12.44-52.10.1","kernel-source":"3.12.44-52.10.1","kernel-syms":"3.12.44-52.10.1","kernel-xen":"3.12.44-52.10.1","kernel-xen-base":"3.12.44-52.10.1","kernel-xen-devel":"3.12.44-52.10.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12","name":"kernel-source","purl":"pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.44-52.10.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.44-52.10.1","kernel-default-base":"3.12.44-52.10.1","kernel-default-devel":"3.12.44-52.10.1","kernel-default-man":"3.12.44-52.10.1","kernel-devel":"3.12.44-52.10.1","kernel-macros":"3.12.44-52.10.1","kernel-source":"3.12.44-52.10.1","kernel-syms":"3.12.44-52.10.1","kernel-xen":"3.12.44-52.10.1","kernel-xen-base":"3.12.44-52.10.1","kernel-xen-devel":"3.12.44-52.10.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12","name":"kernel-syms","purl":"pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.44-52.10.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.44-52.10.1","kernel-default-base":"3.12.44-52.10.1","kernel-default-devel":"3.12.44-52.10.1","kernel-default-man":"3.12.44-52.10.1","kernel-devel":"3.12.44-52.10.1","kernel-macros":"3.12.44-52.10.1","kernel-source":"3.12.44-52.10.1","kernel-syms":"3.12.44-52.10.1","kernel-xen":"3.12.44-52.10.1","kernel-xen-base":"3.12.44-52.10.1","kernel-xen-devel":"3.12.44-52.10.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12","name":"kernel-xen","purl":"pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.44-52.10.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.44-52.10.1","kernel-default-base":"3.12.44-52.10.1","kernel-default-devel":"3.12.44-52.10.1","kernel-default-man":"3.12.44-52.10.1","kernel-devel":"3.12.44-52.10.1","kernel-macros":"3.12.44-52.10.1","kernel-source":"3.12.44-52.10.1","kernel-syms":"3.12.44-52.10.1","kernel-xen":"3.12.44-52.10.1","kernel-xen-base":"3.12.44-52.10.1","kernel-xen-devel":"3.12.44-52.10.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12","name":"kernel-default","purl":"pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.44-52.10.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.44-52.10.1","kernel-default-base":"3.12.44-52.10.1","kernel-default-devel":"3.12.44-52.10.1","kernel-default-man":"3.12.44-52.10.1","kernel-devel":"3.12.44-52.10.1","kernel-macros":"3.12.44-52.10.1","kernel-source":"3.12.44-52.10.1","kernel-syms":"3.12.44-52.10.1","kernel-xen":"3.12.44-52.10.1","kernel-xen-base":"3.12.44-52.10.1","kernel-xen-devel":"3.12.44-52.10.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12","name":"kernel-source","purl":"pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.44-52.10.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.44-52.10.1","kernel-default-base":"3.12.44-52.10.1","kernel-default-devel":"3.12.44-52.10.1","kernel-default-man":"3.12.44-52.10.1","kernel-devel":"3.12.44-52.10.1","kernel-macros":"3.12.44-52.10.1","kernel-source":"3.12.44-52.10.1","kernel-syms":"3.12.44-52.10.1","kernel-xen":"3.12.44-52.10.1","kernel-xen-base":"3.12.44-52.10.1","kernel-xen-devel":"3.12.44-52.10.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12","name":"kernel-syms","purl":"pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.44-52.10.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default":"3.12.44-52.10.1","kernel-default-base":"3.12.44-52.10.1","kernel-default-devel":"3.12.44-52.10.1","kernel-default-man":"3.12.44-52.10.1","kernel-devel":"3.12.44-52.10.1","kernel-macros":"3.12.44-52.10.1","kernel-source":"3.12.44-52.10.1","kernel-syms":"3.12.44-52.10.1","kernel-xen":"3.12.44-52.10.1","kernel-xen-base":"3.12.44-52.10.1","kernel-xen-devel":"3.12.44-52.10.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12","name":"kernel-xen","purl":"pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.44-52.10.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-default-extra":"3.12.44-52.10.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Workstation Extension 12","name":"kernel-default","purl":"pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.12.44-52.10.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"The SUSE Linux Enterprise 12 kernel was updated to 3.12.44 to receive various security and bugfixes.\n\nThese features were added:\n- mpt2sas: Added Reply Descriptor Post Queue (RDPQ) Array support (bsc#854824).\n- mpt3sas: Bump mpt3sas driver version to 04.100.00.00 (bsc#854817).\n\nFollowing security bugs were fixed:\n- CVE-2015-1805: iov overrun for failed atomic copy could have lead to\n  DoS or privilege escalation (bsc#933429).\n- CVE-2015-3212: A race condition in the way the Linux kernel handled\n  lists of associations in SCTP sockets could have lead to list\n  corruption and kernel panics (bsc#936502).\n- CVE-2015-4036: DoS via memory corruption in vhost/scsi driver\n  (bsc#931988).\n- CVE-2015-4167: Linux kernel built with the UDF file\n  system(CONFIG_UDF_FS) support was vulnerable to a crash. It occurred\n  while fetching inode information from a corrupted/malicious udf file\n  system image (bsc#933907).\n- CVE-2015-4692: DoS via NULL pointer dereference in kvm_apic_has_events\n  function (bsc#935542).\n- CVE-2015-5364: Remote DoS via flood of UDP packets with invalid\n  checksums (bsc#936831).\n- CVE-2015-5366: Remote DoS of EPOLLET epoll applications via flood of\n  UDP packets with invalid checksums (bsc#936831).\n\nSecurity issues already fixed in the previous update but not referenced by CVE:\n- CVE-2014-9728: Kernel built with the UDF file system(CONFIG_UDF_FS)\n  support were vulnerable to a crash (bsc#933904).\n- CVE-2014-9729: Kernel built with the UDF file system(CONFIG_UDF_FS)\n  support were vulnerable to a crash (bsc#933904).\n- CVE-2014-9730: Kernel built with the UDF file system(CONFIG_UDF_FS)\n  support were vulnerable to a crash (bsc#933904).\n- CVE-2014-9731: Kernel built with the UDF file system(CONFIG_UDF_FS)\n  support were vulnerable to information leakage (bsc#933896).\n\nThe following non-security bugs were fixed:\n- ALSA: hda - add codec ID for Skylake display audio codec (bsc#936556).\n- ALSA: hda/hdmi - apply Haswell fix-ups to Skylake display codec\n  (bsc#936556).\n- ALSA: hda_controller: Separate stream_tag for input and output streams\n  (bsc#936556).\n- ALSA: hda_intel: add AZX_DCAPS_I915_POWERWELL for SKL and BSW\n  (bsc#936556).\n- ALSA: hda_intel: apply the Seperate stream_tag for Skylake\n  (bsc#936556).\n- ALSA: hda_intel: apply the Seperate stream_tag for Sunrise Point\n  (bsc#936556).\n- Btrfs: Handle unaligned length in extent_same (bsc#937609).\n- Btrfs: add missing inode item update in fallocate() (bsc#938023).\n- Btrfs: check pending chunks when shrinking fs to avoid corruption\n  (bsc#936445).\n- Btrfs: do not update mtime/ctime on deduped inodes (bsc#937616).\n- Btrfs: fix block group ->space_info null pointer dereference\n  (bsc#935088).\n- Btrfs: fix clone / extent-same deadlocks (bsc#937612).\n- Btrfs: fix deadlock with extent-same and readpage (bsc#937612).\n- Btrfs: fix fsync data loss after append write (bsc#936446).\n- Btrfs: fix hang during inode eviction due to concurrent readahead\n  (bsc#935085).\n- Btrfs: fix memory leak in the extent_same ioctl (bsc#937613).\n- Btrfs: fix race when reusing stale extent buffers that leads to BUG_ON\n  (bsc#926369).\n- Btrfs: fix use after free when close_ctree frees the orphan_rsv\n  (bsc#938022).\n- Btrfs: pass unaligned length to btrfs_cmp_data() (bsc#937609).\n- Btrfs: provide super_operations->inode_get_dev (bsc#927455).\n- Drivers: hv: balloon: check if ha_region_mutex was acquired in\n  MEM_CANCEL_ONLINE case.\n- Drivers: hv: fcopy: process deferred messages when we complete the\n  transaction.\n- Drivers: hv: fcopy: rename fcopy_work -> fcopy_timeout_work.\n- Drivers: hv: fcopy: set .owner reference for file operations.\n- Drivers: hv: fcopy: switch to using the hvutil_device_state state\n  machine.\n- Drivers: hv: hv_balloon: correctly handle num_pages>INT_MAX case.\n- Drivers: hv: hv_balloon: correctly handle val.freeram lower than num_pages case.\n- Drivers: hv: hv_balloon: do not lose memory when onlining order is not\n  natural.\n- Drivers: hv: hv_balloon: do not online pages in offline blocks.\n- Drivers: hv: hv_balloon: eliminate jumps in piecewiese linear floor\n  function.\n- Drivers: hv: hv_balloon: eliminate the trylock path in\n  acquire/release_region_mutex.\n- Drivers: hv: hv_balloon: keep locks balanced on add_memory() failure.\n- Drivers: hv: hv_balloon: refuse to balloon below the floor.\n- Drivers: hv: hv_balloon: report offline pages as being used.\n- Drivers: hv: hv_balloon: survive ballooning request with num_pages=0.\n- Drivers: hv: kvp: move poll_channel() to hyperv_vmbus.h.\n- Drivers: hv: kvp: rename kvp_work -> kvp_timeout_work.\n- Drivers: hv: kvp: reset kvp_context.\n- Drivers: hv: kvp: switch to using the hvutil_device_state state\n  machine.\n- Drivers: hv: util: Fix a bug in the KVP code. reapply upstream change\n  ontop of v3.12-stable change\n- Drivers: hv: util: On device remove, close the channel after\n  de-initializing the service.\n- Drivers: hv: util: introduce hv_utils_transport abstraction.\n- Drivers: hv: util: introduce state machine for util drivers.\n- Drivers: hv: util: move kvp/vss function declarations to\n  hyperv_vmbus.h.\n- Drivers: hv: vmbus: Add device and vendor ID to vmbus devices.\n- Drivers: hv: vmbus: Add support for VMBus panic notifier handler\n  (bsc#934160).\n- Drivers: hv: vmbus: Add support for the NetworkDirect GUID.\n- Drivers: hv: vmbus: Correcting truncation error for constant\n  HV_CRASH_CTL_CRASH_NOTIFY (bsc#934160).\n- Drivers: hv: vmbus: Export the vmbus_sendpacket_pagebuffer_ctl().\n- Drivers: hv: vmbus: Fix a bug in rescind processing in\n  vmbus_close_internal().\n- Drivers: hv: vmbus: Fix a siganlling host signalling issue.\n- Drivers: hv: vmbus: Get rid of some unnecessary messages.\n- Drivers: hv: vmbus: Get rid of some unused definitions.\n- Drivers: hv: vmbus: Handle both rescind and offer messages in the same\n  context.\n- Drivers: hv: vmbus: Implement the protocol for tearing down vmbus\n  state.\n- Drivers: hv: vmbus: Introduce a function to remove a rescinded offer.\n- Drivers: hv: vmbus: Perform device register in the per-channel work\n  element.\n- Drivers: hv: vmbus: Permit sending of packets without payload.\n- Drivers: hv: vmbus: Properly handle child device remove.\n- Drivers: hv: vmbus: Remove the channel from the channel list(s) on\n  failure.\n- Drivers: hv: vmbus: Suport an API to send packet with additional\n  control.\n- Drivers: hv: vmbus: Suport an API to send pagebuffers with additional\n  control.\n- Drivers: hv: vmbus: Teardown clockevent devices on module unload.\n- Drivers: hv: vmbus: Teardown synthetic interrupt controllers on module\n  unload.\n- Drivers: hv: vmbus: Use a round-robin algorithm for picking the\n  outgoing channel.\n- Drivers: hv: vmbus: Use the vp_index map even for channels bound to CPU\n  0.\n- Drivers: hv: vmbus: avoid double kfree for device_obj.\n- Drivers: hv: vmbus: briefly comment num_sc and next_oc.\n- Drivers: hv: vmbus: decrease num_sc on subchannel removal.\n- Drivers: hv: vmbus: distribute subchannels among all vcpus.\n- Drivers: hv: vmbus: do cleanup on all vmbus_open() failure paths.\n- Drivers: hv: vmbus: introduce vmbus_acpi_remove.\n- Drivers: hv: vmbus: kill tasklets on module unload.\n- Drivers: hv: vmbus: move init_vp_index() call to vmbus_process_offer().\n- Drivers: hv: vmbus: prevent cpu offlining on newer hypervisors.\n- Drivers: hv: vmbus: rename channel work queues.\n- Drivers: hv: vmbus: teardown hv_vmbus_con workqueue and\n  vmbus_connection pages on shutdown.\n- Drivers: hv: vmbus: unify calls to percpu_channel_enq().\n- Drivers: hv: vmbus: unregister panic notifier on module unload.\n- Drivers: hv: vmbus:Update preferred vmbus protocol version to windows\n  10.\n- Drivers: hv: vss: process deferred messages when we complete the\n  transaction.\n- Drivers: hv: vss: switch to using the hvutil_device_state state\n  machine.\n- Enable CONFIG_BRIDGE_NF_EBTABLES on s390x (bsc#936012)\n- Fix connection reuse when sk_error_report is used (bsc#930972).\n- GHES: Carve out error queueing in a separate function (bsc#917630).\n- GHES: Carve out the panic functionality (bsc#917630).\n- GHES: Elliminate double-loop in the NMI handler (bsc#917630).\n- GHES: Make NMI handler have a single reader (bsc#917630).\n- GHES: Panic right after detection (bsc#917630).\n- IB/mlx4: Fix wrong usage of IPv4 protocol for multicast attach/detach\n  (bsc#918618).\n- Initialize hv_netvsc_packet->xmit_more to avoid transfer stalls\n- KVM: PPC: BOOK3S: HV: CMA: Reserve cma region only in hypervisor mode\n  (bsc#908491).\n- KVM: s390: virtio-ccw: Handle command rejects (bsc#931860).\n- MODSIGN: loading keys from db when SecureBoot disabled (bsc#929696).\n- MODSIGN: loading keys from db when SecureBoot disabled (bsc#929696).\n- PCI: pciehp: Add hotplug_lock to serialize hotplug events (bsc#866911).\n- Revert 'MODSIGN: loading keys from db when SecureBoot disabled'. This\n  reverts commit b45412d4, because it breaks legacy boot.\n- SUNRPC: Report connection error values to rpc_tasks on the pending\n  queue (bsc#930972).\n- Update s390x kabi files with netfilter change (bsc#936012)\n- client MUST ignore EncryptionKeyLength if CAP_EXTENDED_SECURITY is set\n  (bsc#932348).\n- cpufreq: pcc: Enable autoload of pcc-cpufreq for ACPI processors\n  (bsc#933117).\n- dmapi: fix value from newer Linux strnlen_user() (bsc#932897).\n- drm/i915/hsw: Fix workaround for server AUX channel clock divisor\n  (bsc#935918).\n- drm/i915: Evict CS TLBs between batches (bsc#935918).\n- drm/i915: Fix DDC probe for passive adapters (bsc#935918).\n- drm/i915: Handle failure to kick out a conflicting fb driver\n  (bsc#935918).\n- drm/i915: drop WaSetupGtModeTdRowDispatch:snb (bsc#935918).\n- drm/i915: save/restore GMBUS freq across suspend/resume on gen4\n  (bsc#935918).\n- edd: support original Phoenix EDD 3.0 information (bsc#929974).\n- ext4: fix over-defensive complaint after journal abort (bsc#935174).\n- fs/cifs: Fix corrupt SMB2 ioctl requests (bsc#931124).\n- ftrace: add oco handling patch (bsc#924526).\n- ftrace: allow architectures to specify ftrace compile options\n  (bsc#924526).\n- ftrace: let notrace function attribute disable hotpatching if necessary\n  (bsc#924526).\n- hugetlb, kabi: do not account hugetlb pages as NR_FILE_PAGES\n  (bsc#930092).\n- hugetlb: do not account hugetlb pages as NR_FILE_PAGES (bsc#930092).\n- hv: channel: match var type to return type of wait_for_completion.\n- hv: do not schedule new works in\n  vmbus_onoffer()/vmbus_onoffer_rescind().\n- hv: hv_balloon: match var type to return type of wait_for_completion.\n- hv: hv_util: move vmbus_open() to a later place.\n- hv: hypervvssd: call endmntent before call setmntent again.\n- hv: no rmmod for hv_vmbus and hv_utils.\n- hv: remove the per-channel workqueue.\n- hv: run non-blocking message handlers in the dispatch tasklet.\n- hv: vmbus: missing curly braces in vmbus_process_offer().\n- hv: vmbus_free_channels(): remove the redundant free_channel().\n- hv: vmbus_open(): reset the channel state on ENOMEM.\n- hv: vmbus_post_msg: retry the hypercall on some transient errors.\n- hv_netvsc: Allocate the receive buffer from the correct NUMA node.\n- hv_netvsc: Allocate the sendbuf in a NUMA aware way.\n- hv_netvsc: Clean up two unused variables.\n- hv_netvsc: Cleanup the test for freeing skb when we use sendbuf\n  mechanism.\n- hv_netvsc: Define a macro RNDIS_AND_PPI_SIZE.\n- hv_netvsc: Eliminate memory allocation in the packet send path.\n- hv_netvsc: Fix a bug in netvsc_start_xmit().\n- hv_netvsc: Fix the packet free when it is in skb headroom.\n- hv_netvsc: Implement batching in send buffer.\n- hv_netvsc: Implement partial copy into send buffer.\n- hv_netvsc: Use the xmit_more skb flag to optimize signaling the host.\n- hv_netvsc: change member name of struct netvsc_stats.\n- hv_netvsc: introduce netif-msg into netvsc module.\n- hv_netvsc: remove unused variable in netvsc_send().\n- hv_netvsc: remove vmbus_are_subchannels_present() in\n  rndis_filter_device_add().\n- hv_netvsc: try linearizing big SKBs before dropping them.\n- hv_netvsc: use per_cpu stats to calculate TX/RX data.\n- hv_netvsc: use single existing drop path in netvsc_start_xmit.\n- hv_vmbus: Add gradually increased delay for retries in\n  vmbus_post_msg().\n- hyperv: Implement netvsc_get_channels() ethool op.\n- hyperv: hyperv_fb: match wait_for_completion_timeout return type.\n- iommu/amd: Handle integer overflow in dma_ops_area_alloc (bsc#931538).\n- iommu/amd: Handle large pages correctly in free_pagetable (bsc#935881).\n- ipr: Increase default adapter init stage change timeout (bsc#930579).\n- ipv6: do not delete previously existing ECMP routes if add fails\n  (bsc#930399).\n- ipv6: fix ECMP route replacement (bsc#930399).\n- jbd2: improve error messages for inconsistent journal heads\n  (bsc#935174).\n- jbd2: revise KERN_EMERG error messages (bsc#935174).\n- kabi/severities: Add s390 symbols allowed to change in bsc#931860\n- kabi: only use sops->get_inode_dev with proper fsflag.\n- kernel: add panic_on_warn.\n- kexec: allocate the kexec control page with KEXEC_CONTROL_MEMORY_GFP\n  (bsc#928131).\n- kgr: fix redirection on s390x arch (bsc#903279).\n- kgr: move kgr_task_in_progress() to sched.h.\n- kgr: send a fake signal to all blocking tasks.\n- kvm: irqchip: Break up high order allocations of kvm_irq_routing_table\n  (bsc#926953).\n- libata: Blacklist queued TRIM on all Samsung 800-series (bsc#930599).\n- mei: bus: () can be static.\n- mm, thp: really limit transparent hugepage allocation to local node (VM\n  Performance, bsc#931620).\n- mm, thp: respect MPOL_PREFERRED policy with non-local node (VM\n  Performance, bsc#931620).\n- mm/mempolicy.c: merge alloc_hugepage_vma to alloc_pages_vma (VM\n  Performance, bsc#931620).\n- mm/thp: allocate transparent hugepages on local node (VM Performance,\n  bsc#931620).\n- net/mlx4_en: Call register_netdevice in the proper location\n  (bsc#858727).\n- net/mlx4_en: Do not attempt to TX offload the outer UDP checksum for\n  VXLAN (bsc#858727).\n- net: fib6: fib6_commit_metrics: fix potential NULL pointer dereference\n  (bsc#867362).\n- net: introduce netdev_alloc_pcpu_stats() for drivers.\n- net: ipv6: fib: do not sleep inside atomic lock (bsc#867362).\n- netdev: set __percpu attribute on netdev_alloc_pcpu_stats.\n- netdev_alloc_pcpu_stats: use less common iterator variable.\n- netfilter: xt_NFQUEUE: fix --queue-bypass regression (bsc#935083)\n- ovl: default permissions (bsc#924071).\n- ovl: move s_stack_depth .\n- powerpc/perf/hv-24x7: use kmem_cache instead of aligned stack\n  allocations (bsc#931403).\n- powerpc/pseries: Correct cpu affinity for dlpar added cpus (bsc#932967).\n- powerpc: Add VM_FAULT_HWPOISON handling to powerpc page fault handler\n  (bsc#929475).\n- powerpc: Fill in si_addr_lsb siginfo field (bsc#929475).\n- powerpc: Simplify do_sigbus (bsc#929475).\n- reiserfs: Fix use after free in journal teardown (bsc#927697).\n- rtlwifi: rtl8192cu: Fix kernel deadlock (bsc#927786).\n- s390/airq: add support for irq ranges (bsc#931860).\n- s390/airq: silence lockdep warning (bsc#931860).\n- s390/compat,signal: change return values to -EFAULT (bsc#929879).\n- s390/ftrace: hotpatch support for function tracing (bsc#924526).\n- s390/irq: improve displayed interrupt order in /proc/interrupts\n  (bsc#931860).\n- s390/kernel: use stnsm 255 instead of stosm 0 (bsc#929879).\n- s390/kgr: reorganize kgr infrastructure in entry64.S.\n- s390/mm: align 64-bit PIE binaries to 4GB (bsc#929879).\n- s390/mm: limit STACK_RND_MASK for compat tasks (bsc#929879).\n- s390/rwlock: add missing local_irq_restore calls (bsc#929879).\n- s390/sclp_vt220: Fix kernel panic due to early terminal input\n  (bsc#931860).\n- s390/smp: only send external call ipi if needed (bsc#929879).\n- s390/spinlock,rwlock: always to a load-and-test first (bsc#929879).\n- s390/spinlock: cleanup spinlock code (bsc#929879).\n- s390/spinlock: optimize spin_unlock code (bsc#929879).\n- s390/spinlock: optimize spinlock code sequence (bsc#929879).\n- s390/spinlock: refactor arch_spin_lock_wait[_flags] (bsc#929879).\n- s390/time: use stck clock fast for do_account_vtime (bsc#929879).\n- s390: Remove zfcpdump NR_CPUS dependency (bsc#929879).\n- s390: add z13 code generation support (bsc#929879).\n- s390: avoid z13 cache aliasing (bsc#929879).\n- s390: fix control register update (bsc#929879).\n- s390: optimize control register update (bsc#929879).\n- s390: z13 base performance (bsc#929879).\n- sched: fix __sched_setscheduler() vs load balancing race (bsc#921430)\n- scsi: retry MODE SENSE on unit attention (bsc#895814).\n- scsi_dh_alua: Recheck state on unit attention (bsc#895814).\n- scsi_dh_alua: fixup crash in alua_rtpg_work() (bsc#895814).\n- scsi_dh_alua: parse device id instead of target id (bsc#895814).\n- scsi_dh_alua: recheck RTPG in regular intervals (bsc#895814).\n- scsi_dh_alua: update all port states (bsc#895814).\n- sd: always retry READ CAPACITY for ALUA state transition (bsc#895814).\n- st: null pointer dereference panic caused by use after kref_put by\n  st_open (bsc#936875).\n- supported.conf: add btrfs to kernel-$flavor-base (bsc#933637)\n- udf: Remove repeated loads blocksize (bsc#933907).\n- usb: core: Fix USB 3.0 devices lost in NOTATTACHED state after a hub\n  port reset (bsc#938024).\n- vTPM: set virtual device before passing to ibmvtpm_reset_crq\n  (bsc#937087).\n- vfs: add super_operations->get_inode_dev (bsc#927455).\n- virtio-ccw: virtio-ccw adapter interrupt support (bsc#931860).\n- virtio-rng: do not crash if virtqueue is broken (bsc#931860).\n- virtio: fail adding buffer on broken queues (bsc#931860).\n- virtio: virtio_break_device() to mark all virtqueues broken\n  (bsc#931860).\n- virtio_blk: verify if queue is broken after virtqueue_get_buf()\n  (bsc#931860).\n- virtio_ccw: fix hang in set offline processing (bsc#931860).\n- virtio_ccw: fix vcdev pointer handling issues (bsc#931860).\n- virtio_ccw: introduce device_lost in virtio_ccw_device (bsc#931860).\n- virtio_net: do not crash if virtqueue is broken (bsc#931860).\n- virtio_net: verify if queue is broken after virtqueue_get_buf()\n  (bsc#931860).\n- virtio_ring: adapt to notify() returning bool (bsc#931860).\n- virtio_ring: add new function virtqueue_is_broken() (bsc#931860).\n- virtio_ring: change host notification API (bsc#931860).\n- virtio_ring: let virtqueue_{kick()/notify()} return a bool\n  (bsc#931860).\n- virtio_ring: plug kmemleak false positive (bsc#931860).\n- virtio_scsi: do not call virtqueue_add_sgs(... GFP_NOIO) holding\n  spinlock (bsc#931860).\n- virtio_scsi: verify if queue is broken after virtqueue_get_buf()\n  (bsc#931860).\n- vmxnet3: Bump up driver version number (bsc#936423).\n- vmxnet3: Changes for vmxnet3 adapter version 2 (fwd) (bug#936423).\n- vmxnet3: Fix memory leaks in rx path (fwd) (bug#936423).\n- vmxnet3: Register shutdown handler for device (fwd) (bug#936423).\n- x86/PCI: Use host bridge _CRS info on Foxconn K8M890-8237A\n  (bsc#907092).\n- x86/PCI: Use host bridge _CRS info on systems with >32 bit addressing\n  (bsc#907092).\n- x86/kgr: move kgr infrastructure from asm to C.\n- x86/mm: Improve AMD Bulldozer ASLR workaround (bsc#937032).\n- xfrm: release dst_orig in case of error in xfrm_lookup() (bsc#932793).\n- xfs: Skip dirty pages in ->releasepage (bsc#915183).\n- xfs: fix xfs_setattr for DMAPI (bsc#932900).\n- xfs_dmapi: fix transaction ilocks (bsc#932899).\n- xfs_dmapi: fix value from newer Linux strnlen_user() (bsc#932897).\n- xfs_dmapi: xfs_dm_rdwr() uses dir file ops not file's ops (bsc#932898).\n","id":"SUSE-SU-2015:1324-1","modified":"2015-07-16T14:57:20Z","published":"2015-07-16T14:57:20Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2015/suse-su-20151324-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/854817"},{"type":"REPORT","url":"https://bugzilla.suse.com/854824"},{"type":"REPORT","url":"https://bugzilla.suse.com/858727"},{"type":"REPORT","url":"https://bugzilla.suse.com/866911"},{"type":"REPORT","url":"https://bugzilla.suse.com/867362"},{"type":"REPORT","url":"https://bugzilla.suse.com/895814"},{"type":"REPORT","url":"https://bugzilla.suse.com/903279"},{"type":"REPORT","url":"https://bugzilla.suse.com/907092"},{"type":"REPORT","url":"https://bugzilla.suse.com/908491"},{"type":"REPORT","url":"https://bugzilla.suse.com/915183"},{"type":"REPORT","url":"https://bugzilla.suse.com/917630"},{"type":"REPORT","url":"https://bugzilla.suse.com/918618"},{"type":"REPORT","url":"https://bugzilla.suse.com/921430"},{"type":"REPORT","url":"https://bugzilla.suse.com/924071"},{"type":"REPORT","url":"https://bugzilla.suse.com/924526"},{"type":"REPORT","url":"https://bugzilla.suse.com/926369"},{"type":"REPORT","url":"https://bugzilla.suse.com/926953"},{"type":"REPORT","url":"https://bugzilla.suse.com/927455"},{"type":"REPORT","url":"https://bugzilla.suse.com/927697"},{"type":"REPORT","url":"https://bugzilla.suse.com/927786"},{"type":"REPORT","url":"https://bugzilla.suse.com/928131"},{"type":"REPORT","url":"https://bugzilla.suse.com/929475"},{"type":"REPORT","url":"https://bugzilla.suse.com/929696"},{"type":"REPORT","url":"https://bugzilla.suse.com/929879"},{"type":"REPORT","url":"https://bugzilla.suse.com/929974"},{"type":"REPORT","url":"https://bugzilla.suse.com/930092"},{"type":"REPORT","url":"https://bugzilla.suse.com/930399"},{"type":"REPORT","url":"https://bugzilla.suse.com/930579"},{"type":"REPORT","url":"https://bugzilla.suse.com/930599"},{"type":"REPORT","url":"https://bugzilla.suse.com/930972"},{"type":"REPORT","url":"https://bugzilla.suse.com/931124"},{"type":"REPORT","url":"https://bugzilla.suse.com/931403"},{"type":"REPORT","url":"https://bugzilla.suse.com/931538"},{"type":"REPORT","url":"https://bugzilla.suse.com/931620"},{"type":"REPORT","url":"https://bugzilla.suse.com/931860"},{"type":"REPORT","url":"https://bugzilla.suse.com/931988"},{"type":"REPORT","url":"https://bugzilla.suse.com/932348"},{"type":"REPORT","url":"https://bugzilla.suse.com/932793"},{"type":"REPORT","url":"https://bugzilla.suse.com/932897"},{"type":"REPORT","url":"https://bugzilla.suse.com/932898"},{"type":"REPORT","url":"https://bugzilla.suse.com/932899"},{"type":"REPORT","url":"https://bugzilla.suse.com/932900"},{"type":"REPORT","url":"https://bugzilla.suse.com/932967"},{"type":"REPORT","url":"https://bugzilla.suse.com/933117"},{"type":"REPORT","url":"https://bugzilla.suse.com/933429"},{"type":"REPORT","url":"https://bugzilla.suse.com/933637"},{"type":"REPORT","url":"https://bugzilla.suse.com/933896"},{"type":"REPORT","url":"https://bugzilla.suse.com/933904"},{"type":"REPORT","url":"https://bugzilla.suse.com/933907"},{"type":"REPORT","url":"https://bugzilla.suse.com/934160"},{"type":"REPORT","url":"https://bugzilla.suse.com/935083"},{"type":"REPORT","url":"https://bugzilla.suse.com/935085"},{"type":"REPORT","url":"https://bugzilla.suse.com/935088"},{"type":"REPORT","url":"https://bugzilla.suse.com/935174"},{"type":"REPORT","url":"https://bugzilla.suse.com/935542"},{"type":"REPORT","url":"https://bugzilla.suse.com/935881"},{"type":"REPORT","url":"https://bugzilla.suse.com/935918"},{"type":"REPORT","url":"https://bugzilla.suse.com/936012"},{"type":"REPORT","url":"https://bugzilla.suse.com/936423"},{"type":"REPORT","url":"https://bugzilla.suse.com/936445"},{"type":"REPORT","url":"https://bugzilla.suse.com/936446"},{"type":"REPORT","url":"https://bugzilla.suse.com/936502"},{"type":"REPORT","url":"https://bugzilla.suse.com/936556"},{"type":"REPORT","url":"https://bugzilla.suse.com/936831"},{"type":"REPORT","url":"https://bugzilla.suse.com/936875"},{"type":"REPORT","url":"https://bugzilla.suse.com/937032"},{"type":"REPORT","url":"https://bugzilla.suse.com/937087"},{"type":"REPORT","url":"https://bugzilla.suse.com/937609"},{"type":"REPORT","url":"https://bugzilla.suse.com/937612"},{"type":"REPORT","url":"https://bugzilla.suse.com/937613"},{"type":"REPORT","url":"https://bugzilla.suse.com/937616"},{"type":"REPORT","url":"https://bugzilla.suse.com/938022"},{"type":"REPORT","url":"https://bugzilla.suse.com/938023"},{"type":"REPORT","url":"https://bugzilla.suse.com/938024"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-9728"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-9729"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-9730"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-9731"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-1805"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-3212"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-4036"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-4167"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-4692"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-5364"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-5366"}],"related":["CVE-2014-9728","CVE-2014-9729","CVE-2014-9730","CVE-2014-9731","CVE-2015-1805","CVE-2015-3212","CVE-2015-4036","CVE-2015-4167","CVE-2015-4692","CVE-2015-5364","CVE-2015-5366"],"summary":"Security update for the SUSE Linux Enterprise 12 kernel","upstream":["CVE-2014-9728","CVE-2014-9729","CVE-2014-9730","CVE-2014-9731","CVE-2015-1805","CVE-2015-3212","CVE-2015-4036","CVE-2015-4167","CVE-2015-4692","CVE-2015-5364","CVE-2015-5366"]}